When I try and verify my domain to get a free SSL certificate from Let’s Encrypt the verification always fails but this time I investigated further and uploaded a index.php to the .well_known directory and I get an error 404 still, my server appears to be blocking directories with a . prefix, any help?
So web host do no allow you to properly access and use those dictionaries (.well_known). I’ve tired to do the same thing before no good. No sure why. Maybe security reasons.
@JuanMunoz Someone has it working in this discussion, https://forum.infinityfree.com/discussion/1454/certificate-upload-error
Directories starting with a . are not blocked. With the correct URL, you should be able to open the certificate challenge correctly.
Just make sure you are using the correct htdocs folder and use the correct folder name. For example, the folder should be called .well-known and not .well_known.
@Admin If you visit my site (http://cnplus.ml/.well-known) it will show my Error: 404 message and I have verified through my cPanel’s Online File Manager that the folder does exist.
@TomTheMiner said:
@Admin If you visit my site (http://cnplus.ml/.well-known) it will show my Error: 404 message and I have verified through my cPanel’s Online File Manager that the folder does exist.
I see a folder called .well-know. Adding the final n would probably help.
@Admin Ah, yes sorry about the misspelling but fixing one problem has revealed another, when visiting the URL I am now redirected to the InfinityFree 403 page, any idea what is causing this?
@TomTheMiner said:
@Admin Ah, yes sorry about the misspelling but fixing one problem has revealed another, when visiting the URL I am now redirected to the InfinityFree 403 page, any idea what is causing this?
I’m not sure why you get a 403 error there, but I do know the Let’s Encrypt verification is working: http://cnplus.ml/.well-known/acme-challenge/VuO0Ulpw0nwToN2MDvKQarOhW67rHV9fVnsnPd4BWQM
@Admin (this post also links with mine https://forum.infinityfree.com/discussion/1454/certificate-upload-error), it appears the Let’s Encrypt acme-challenge discovers the server IP Address and tries to verify using that but this returns a 403 error, (tested on other domain) {
“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:acme:error:unauthorized”,
“detail”: “Invalid response from http://tomshome.ml/.well-known/acme-challenge/EHFw-Ev6WqafRgEEP_bw4oHbj2M-vSPiB8SeR_q8Eqg: "\u003chtml\u003e\u003cbody\u003e\u003cscript type="text/javascript" src="/aes.js" \u003e\u003c/script\u003e\u003cscript\u003efunction toNumbers(d){var e=;d.replace(/(…)/g,func"”,
“status”: 403
},
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/h7ganF5aLL8vKYK-VaOeY5SGtNmf89Mt-TztCKTVOAc/1524691326”,
“token”: “EHFw-Ev6WqafRgEEP_bw4oHbj2M-vSPiB8SeR_q8Eqg”,
“keyAuthorization”: “EHFw-Ev6WqafRgEEP_bw4oHbj2M-vSPiB8SeR_q8Eqg.W5blo041werdYdJaVh6wyBw4qahoBVy2_PcQJ6oHjLA”,
“validationRecord”: [
{
“url”: “http://tomshome.ml/.well-known/acme-challenge/EHFw-Ev6WqafRgEEP_bw4oHbj2M-vSPiB8SeR_q8Eqg”,
“hostname”: “tomshome.ml”,
“port”: “80”,
“addressesResolved”: [
“185.27.134.174”
],
“addressUsed”: “185.27.134.174”,
“addressesTried”:
}
]
}
See/visit ‘addressUsed’ above to see it is forbidden.
In that case, I think this answer applies to you as well: https://forum.infinityfree.com/discussion/comment/5088/#Comment_5088